15 matches found
Exploit for Code Injection in Sitecore Experience_Commerce
CVE-...
Exploit for Deserialization of Untrusted Data in Sitecore Experience_Commerce
PoC exploit for CVE-2025-53690, a vulnerability in a .NET framew...
Sitecore多款产品 安全漏洞
Sitecore Experience Platform XP and others are products of Sitecore, a Danish company.Sitecore Experience Platform is a suite of customer digital experience platforms.Sitecore Experience Manager XM is a management software. Sitecore Experience Commerce XC is a natively integrated, cloud-enabled...
PT-2025-30894 · Sitecore · Sitecore Experience Platform +2
Name of the Vulnerable Software and Affected Versions: Sitecore Experience Manager XM versions 8.0 Initial Release through 10.4 Initial Release Sitecore Experience Platform XP versions 8.0 Initial Release through 10.4 Initial Release Sitecore Experience Commerce XC versions 8.0 Initial Release...
VulnCheck KEV: CVE-2025-34510
Sitecore Experience Manager XM, Experience Platform XP, and Experience Commerce XC versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive...
EUVD-2025-18525
Sitecore Experience Manager XM, Experience Platform XP, and Experience Commerce XC versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing...
Sitecore多款产品 安全漏洞
Sitecore Experience Platform XP and others are products of Sitecore, a Danish company.Sitecore Experience Platform is a suite of customer digital experience platforms.Sitecore Experience Manager XM is a management software. Sitecore Experience Commerce XC is a natively integrated, cloud-enabled...
VulnCheck KEV: CVE-2024-46938
An issue was discovered in Sitecore Experience Platform XP, Experience Manager XM, and Experience Commerce XC 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files...
Exploit for Code Injection in Sitecore Experience_Commerce
CVE-2023-35813 Exploit for CVE-2023-35813 example use:...
Exploit for Code Injection in Sitecore Experience_Commerce
CVE-2023-35813 Exploit for CVE-2023-35813 example use:...
CVE-2023-35813
Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3...
CVE-2023-35813
Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3...
PT-2023-25331
Name of the Vulnerable Software and Affected Versions Sitecore Experience Manager versions through 10.3 Sitecore Experience Platform versions through 10.3 Sitecore Experience Commerce versions through 10.3 Description Multiple Sitecore products are affected by a remote code execution issue. This...
CVE-2023-33651
An issue in the MVC Device Simulator of Sitecore Experience Platform XP, Experience Manager XM, and Experience Commerce XC v9.0 Initial Release to v13.0 Initial Release allows attackers to bypass authorization rules...
PT-2023-24432 · Sitecore · Sitecore Experience Commerce +2
Name of the Vulnerable Software and Affected Versions: Sitecore Experience Platform XP versions 9.0 Initial Release through 13.0 Initial Release Sitecore Experience Manager XM versions 9.0 Initial Release through 13.0 Initial Release Sitecore Experience Commerce XC versions 9.0 Initial Release...